Running head: Evaluating Risk Handling Strategies

Evaluating Risk Handling Strategies

1
Running head: Evaluating Risk Handling Strategies

Case Brief

This report discusses the risk handling strategies for a hospital in Las Vegas

which is facing the problem of huge power supply cut. As the information system of

the hospital that also holds the detail of the patient medical record is available

digitally, the power cut obviously creates several problems in respect to working of

medical appliances and access of patient record both. The consequences of a power

outage in a hospital, urgent care centre, or other medical facility may be deadly.

Medical facilities may also be severely harmed if they lose their HVAC, water

pressure, sterilising technology, or refrigeration capabilities. HVAC systems that

depend on power for heating, cooling, and ventilation will be unavailable. Patients in

intensive care, neonatal units, or cardiac units who rely on life-saving equipment are

at risk. High-risk surgical operations may be harmed by a lack of illumination, and

rooms without backup lighting are in danger of becoming completely dark (Jing,

Yiming & Ahn, Gail-Joon & Zhao, Ziming & Hu, Hongxin. 2014).

Risk Handling Strategies

Risk Handling Description

Strategy

2
Running head: Evaluating Risk Handling Strategies

Avoidance In order to lessen their exposure to risk, some companies

choose not to engage in high-risk operations. Even though it is

difficult to remove all risks, a risk avoidance plan may assist in

preventing certain losses from occurring. An organization's

assets might be adversely impacted by the reduction of

dangers, activities, and exposures. There are two types of risk

management: one that strives to minimise harm and financial

losses, and the other that aims to eliminate all risk.

Create a product or method that eliminates the components that

might lead to an undesirable risk. Due to unacceptable wear on

a less robust material, a design adjustment to a more robust

material prevents undesirable failures. Implementing a back-up

system and allowing access to patient records in offline mode,

as well as providing printed copies of records. Along with this,

important medical equipment must be supported by it (Wright,

Jorja & Dawson, Maurice & Omar, Marwan. 2012).

Transference It is a frequent practise in risk management to transfer a

person's or an organization's potential losses to a third party.

Periodic payments are often made to the third party to cover the

cost of the risk that the person or organisation has assumed. In

the event of a power outage, the hospital must set up a backup

power system or agency. Data should be stored in the cloud so

that it may be accessed from any location. An IT risk

assessment should be performed. All hospital workers should

get regular training on HIPAA requirements. Keep an eye on all

3
Running head: Evaluating Risk Handling Strategies

of the building's technological gadgets and documents. Patients'

data should be encrypted, as well as any devices used to

access it. It is recommended that patients with tight rules use a

mobile-based information system to view their data (Alqershi,

Fattoh & AL-Qurishi, Muhammad & Rahman, Sk Md Mizanur &

Alamri, Atif. 2014).

Mitigation Mitigation strategies must be developed in order to minimise,

remove, or manage risk to an acceptable level. Locate potential

sources of supplies and service providers in the region’s most at

risk of power disruptions and look into alternate sourcing

agreements. Manage and disseminate information about

scheduled service cutbacks or power outages to plant

managers or other operations executives. Review all equipment

shutdown timings and assess how they may be handled with

respect to anticipated service interruptions or power outages.

Critical EDP functions that might be affected if power to data

centres is lost or an outage that surpasses the capacity of UPS

systems is required (La Polla, Mariantonietta & Martinelli, Fabio

& Sgandurra, Daniele. 2013).

4
Running head: Evaluating Risk Handling Strategies

References

Ahmed, Omar & Sallow, Amira. (2017). Android Security: A Review. Academic

Journal of Nawroz University. 6. 6.

Alqershi, Fattoh & AL-Qurishi, Muhammad & Rahman, Sk Md Mizanur & Alamri, Atif.

(2014). ios vs android, the security battle... 10.1109/WCCAIS.2014.6916629.

Jing, Yiming & Ahn, Gail-Joon & Zhao, Ziming & Hu, Hongxin. (2014). RiskMon:

Continuous and automated risk assessment of mobile applications. CODASPY 2014

- Proceedings of the 4th ACM Conference on Data and Application Security and

Privacy. 99-110. 10.1145/2557547.2557549.

La Polla, Mariantonietta & Martinelli, Fabio & Sgandurra, Daniele. (2013). A Survey

on Security for Mobile Devices. Communications Surveys & Tutorials, IEEE. 15. 446-

471. 10.1109/SURV.2012.013012.00028.

Sallow, Amira & M.Sadeeq, Mohammed & Zebari, Rizgar & Abdulrazzaq, Maiwan &

Mahmood, Mayyadah & Shukur, Hanan & Haji, Lailan. (2020). An Investigation for

Mobile Malware Behavioral and Detection Techniques Based on Android Platform.

IOSR Journal of Computer Engineering. 22. 14-20. 10.9790/0661-2204021420.

Wright, Jorja & Dawson, Maurice & Omar, Marwan. (2012). Cyber Security and

Mobile Threats: The Need for Antivirus Applications for Smart Phones. Journal of

Information Systems Technology and Planning. 5. 40-60.

5
Running head: Evaluating Risk Handling Strategies

Zhou, Yajin & Jiang, Xuxian. (2012). Dissecting Android Malware: Characterization

and Evolution. Proceedings - IEEE Symposium on Security and Privacy. 4. 95-109.

10.1109/SP.2012.16.